Keep your WordPress installation, themes and plugins up-to-date
Each new version of WordPress comes with enhanced security and updates to address potential vulnerabilities in the previous versions. Keeping your site current on the latest stable release version of WordPress is probably the single most overlooked security measures you can take.
Use only plugins from trusted sources.
We suggest doing your research before adding any plugin to your site. The WordPress plugin repository is the most trustworthy place to download plugins. There are a team of volunteers that review plugins to make sure they abide by a strict set of guidelines before they’re added. The repository is constantly under the watchful eyes of the community and if anything malicious is added to a plugin after it’s been approved, it’s removed until it’s fixed.
Add a WordPress security plugin and do not use “admin” as your username.
We always recommend that our Seattle clients utilize a security plugin with their WordPress website. There are several popular WordPress security plugins to choose from. A good security plugin scans your WordPress installation for malware infections and will notify you instantly if any vulnerabilities are found, it will notify you. A good security plugin will also block brute-force attacks and can add two factor authentication via SMS.
Use a Strong Password
The weakest point in any security for your online accounts is usually your password. Password-cracking techniques have matured quickly and significantly in the past few decades, but the way we create our passwords hasn’t kept pace. As a result, the most common advice you’ll hear about creating a strong password today is very outdated and impractical. There are many different approaches to generating a strong password, but password managers and passphrases are the best.
If you have any questions about WordPress security or would like a complimentary review of your Seattle Wordpress site’s security measures, feel free to contact us!